CONTRIBUTE TO OUR LEGAL DEFENSE

If you accept cookies from this site, you will only be shown this dialog once!You can press escape or click on the X to close this box.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

I attempted to remove the virus using instructions from the web (something on How do I do this site) but was not successful. I ran Malwarebytes but the PC Repair program still came up after restarting. Then I found your site. (Thank you!) I have completed two of the three files you requested, dds, and attach. My gmer scan is acting up. It has stopped all by itself twice now. I will continue to try it and wait on your recommendations. Thanks. Jeff.

My name is Shannon and I will be working with you to remove the malware that is on your machine.

I apologize for the delay in replying to your post, but this forum is extremely busy.

Please Track this topic - On the top right on this tread, click on the Watch Topic button, click on 'Immediate Email Notification', and then click on the Proceed button at the bottom.

Do Not make any changes on your own to the infected computer.

Please set your system to show all files.Click Start, open My Computer, select the Tools menu and click Folder Options.Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.Uncheck: Hide file extensions for known file typesUncheck the Hide protected operating system files (recommended) option.Click Yes to confirm.

Now, let's look more thoroughly at the infected computer -

We need to see some information about what is happening in your machine. Please perform the following scan:

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Next, please download Rootkit Unhooker from one of the following links and save it to your desktop.Link 1 (.exe file)Link 2 (zipped file)Link 3 (.rar file)In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracing ZIP and RAR compressed files. If you don't have an extraction program, you can downlaod, install and use the free 7-zip utility.

Double-click on RKUnhookerLE.exe to start the program.

Click the Report tab, then click Scan.

Check Drivers, Stealth, and uncheck the rest.

Click OK.

Wait until it's finished and then go to File > Save Report.

Save the report to your Desktop.

Copy and paste the contents of the report into your next reply.

-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".

Once you have the above logs, click on the Add Reply button below, copy in the contents of the two OTL logs and the RKU log. Also include any comments that you might have concerning the infection(s) and the infected computer.

Thanks so much for your help. I attached the three files you requested. The PC Cleaner button was clicked by accident but luckily the program wasn't downloaded. This computer was working fine but there were other annoying bugs in it such as the yellow box that comes up and says "your antivirus is not working properly". I would create a screen shot but the PC cleaner has changed the problems some. Thanks, Jeff.

Your version of Java is out of date.Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:

If offered to install a Toolbar, just uncheck the box before continuing unless you want it.

-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.

Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary. To disable the JQS service if you don't want to use it:

i figured it out. i need to get a new antivirus program. i am a student at the local community college, is it okay to use the free version i can get from them or should my cheap@#$ just buy one? if so, which do you recommend? thank you so much for your help. the virus is gone. my computer seemed to be very fast after the combofix ran but now it seems to have slowed back down. or maybe i have been sitting here staring at this screen too long! Jeff.